Bugtraq mailing list archives
Accept overflow on Netscape Enterprise Server 3.6 SP2
From: n-miwa () LAC CO JP (Nobuo Miwa)
Date: Mon, 13 Sep 1999 00:17:46 +0900
Hi, I found a vulnerability in "Enterprise 3.6 SP 2 SSL Handshake fix".. I sent a malformed URL to the server and its service was dead. Its URL is following... GET / HTTP/1.0 Accept: aaaaaaaaaaaaaa...2000byte/gif Ofcourse you must be able to execute small code you like with "long Accept" command(just like htr problem on IIS). I've reported this to Netscape on 31st Aug. They've just finished making the patch(maybe SP3). It must be released soon. I'm gonna post this to BUGTRAQ after they release the patch, but someone posted it to some other mailing lists. So I decided to post it to here today. Thanks, Nobuo Miwa(Moderator of BUGTRAQ-JP)
Current thread:
- fixing all buffer overflows --- random magin numbers, (continued)
- fixing all buffer overflows --- random magin numbers Dr. Joel M. Hoffman (Sep 11)
- Re: fixing all buffer overflows --- random magin numbers Peter van Dijk (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Eric Hutchinson (Sep 12)
- Re: fixing all buffer overflows --- random magin numbers Daniel W. Dulitz x108 (Sep 13)
- Enterprise Overflow Daniel Kerr (Sep 11)
- Re: gftp - ms ftp debug mode Valentin (Sep 12)
- Re: gftp - ms ftp debug mode Max Vision (Sep 12)
- Linux 2.2.12 mini-audit Solar Designer (Sep 13)
- Vulnerability in dtaction Job de Haas (Sep 13)
- Many kind of POP3/SMTP server softwares for Windows have buffer overflow bug UNYUN (Sep 12)
- Accept overflow on Netscape Enterprise Server 3.6 SP2 Nobuo Miwa (Sep 12)
- Re: COM and Windows 2000 thomasz () HOSTMASTER ORG (Sep 12)